General
Target: Loader.exe
Size: 445KB
Sample: 230220-sraw9aah2w
MD5: 9e30553b003e6c9099ce52ea18d0a6f9
SHA1: b4de671b594ad90439a43cf4de49606ee6798298
SHA256: eddd58f52fc1ead5886f788892412d23a0fa5fc4c76af2548ea7321c2f6c4d9c
SHA512: 5788097d8a613e78644e8a94123b06d93c708216fe92c2865017933bd3b4ec507107c68ec31c7d58c595032b570f8c4e8f56db9d51927a3764fb699d89ff70c3
SSDEEP: 6144:EAYL50f+dgN8BMStlQfAk/X0DfU/8utzIPrdWspxFoZDf820w7/vFip6y/OMB:EAM9e82fZPMfq3tzWdvoZL9/fMB
Static task: static1
Behavioral task: behavioral1
Sample: Loader.exe
Resource: win7-20221111-en
Malware Config
Extracted
vidar
2.5
408
profile_id: 408
Targets
Target: Loader.exe
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext